This is a note to let you know that I've just added the patch titled lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() to the 5.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: lkdtm-fix-content-of-section-containing-lkdtm_rodata_do_nothing.patch and it can be found in the queue-5.10 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From bc93a22a19eb2b68a16ecf04cdf4b2ed65aaf398 Mon Sep 17 00:00:00 2001 From: Christophe Leroy <christophe.leroy@xxxxxxxxxx> Date: Fri, 8 Oct 2021 18:58:40 +0200 Subject: lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() From: Christophe Leroy <christophe.leroy@xxxxxxxxxx> commit bc93a22a19eb2b68a16ecf04cdf4b2ed65aaf398 upstream. On a kernel without CONFIG_STRICT_KERNEL_RWX, running EXEC_RODATA test leads to "Illegal instruction" failure. Looking at the content of rodata_objcopy.o, we see that the function content zeroes only: Disassembly of section .rodata: 0000000000000000 <.lkdtm_rodata_do_nothing>: 0: 00 00 00 00 .long 0x0 Add the contents flag in order to keep the content of the section while renaming it. Disassembly of section .rodata: 0000000000000000 <.lkdtm_rodata_do_nothing>: 0: 4e 80 00 20 blr Fixes: e9e08a07385e ("lkdtm: support llvm-objcopy") Cc: stable@xxxxxxxxxxxxxxx Cc: Kees Cook <keescook@xxxxxxxxxxxx> Cc: Arnd Bergmann <arnd@xxxxxxxx> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx> Cc: Nathan Chancellor <nathan@xxxxxxxxxx> Signed-off-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx> Reviewed-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Link: https://lore.kernel.org/r/8900731fbc05fb8b0de18af7133a8fc07c3c53a1.1633712176.git.christophe.leroy@xxxxxxxxxx Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/misc/lkdtm/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/misc/lkdtm/Makefile +++ b/drivers/misc/lkdtm/Makefile @@ -16,7 +16,7 @@ KCOV_INSTRUMENT_rodata.o := n OBJCOPYFLAGS := OBJCOPYFLAGS_rodata_objcopy.o := \ - --rename-section .noinstr.text=.rodata,alloc,readonly,load + --rename-section .noinstr.text=.rodata,alloc,readonly,load,contents targets += rodata.o rodata_objcopy.o $(obj)/rodata_objcopy.o: $(obj)/rodata.o FORCE $(call if_changed,objcopy) Patches currently in stable-queue which might be from christophe.leroy@xxxxxxxxxx are queue-5.10/lkdtm-fix-content-of-section-containing-lkdtm_rodata_do_nothing.patch